nmpta-12631070.memberhub.com Open in urlscan Pro
18.66.192.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nmpta-12631070.memberhub.com/
Effective URL:
https://nmpta-12631070.memberhub.com/
Submission: On January 17 via api (January 17th 2024, 3:17:45 am UTC) from US — Scanned from DE

Summary HTTP 37 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 19 domains to perform 37 HTTP transactions. The main IP is 18.66.192.96, located in United States and belongs to AMAZON-02, US. The main domain is nmpta-12631070.memberhub.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 27th 2023. Valid for: a year.

This is the only time nmpta-12631070.memberhub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.66.192.75 18.66.192.75	16509 (AMAZON-02) (AMAZON-02)
6	18.66.192.96 18.66.192.96	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:bc59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0c::54	15169 (GOOGLE) (GOOGLE)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:e3a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:faa8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4dba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.21.61.62 52.21.61.62	14618 (AMAZON-AES) (AMAZON-AES)
1 7	44.207.237.79 44.207.237.79	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	52.217.4.22 52.217.4.22	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
37	20

1 18.66.192.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-75.muc50.r.cloudfront.net

nmpta-12631070.memberhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.192.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-96.muc50.r.cloudfront.net

nmpta-12631070.memberhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bc59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e3a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:faa8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4dba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.61.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-61-62.compute-1.amazonaws.com

api.givebacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 44.207.237.79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-237-79.compute-1.amazonaws.com

api.memberhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.4.22 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	memberhub.com 2 redirects nmpta-12631070.memberhub.com api.memberhub.com — Cisco Umbrella Rank: 312016	6 MB
3	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4876 track.hubspot.com — Cisco Umbrella Rank: 2301	2 KB
2	amazonaws.com s3.amazonaws.com	825 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	92 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	317 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	154 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	167 KB
1	gstatic.com fonts.gstatic.com	8 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3557	1 KB
1	givebacks.com api.givebacks.com — Cisco Umbrella Rank: 439090	2 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2120	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2148	21 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4841	24 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3251	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	950 B
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 750	151 KB
1	google.com accounts.google.com — Cisco Umbrella Rank: 23	80 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2407	1 KB
37	19

	Domain	Requested by
7	api.memberhub.com	1 redirects nmpta-12631070.memberhub.com
7	nmpta-12631070.memberhub.com	1 redirects nmpta-12631070.memberhub.com
2	s3.amazonaws.com
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	api.hubspot.com	js.usemessages.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	nmpta-12631070.memberhub.com www.googletagmanager.com
2	securepubads.g.doubleclick.net	nmpta-12631070.memberhub.com securepubads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	www.facebook.com
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	api.givebacks.com	nmpta-12631070.memberhub.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	fonts.googleapis.com	nmpta-12631070.memberhub.com
1	cdn.pendo.io	nmpta-12631070.memberhub.com
1	accounts.google.com	nmpta-12631070.memberhub.com
1	js.hs-scripts.com	nmpta-12631070.memberhub.com
37	21

This site contains links to these domains. Also see Links.

Domain
gcc02.safelinks.protection.outlook.com
www.givebacks.com
support.givebacks.com

Subject Issuer	Validity	Valid
*.memberhub.com Amazon RSA 2048 M01	`2023-03-27` - `2024-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cdn.pendo.io GTS CA 1D4	`2023-12-06` - `2024-03-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.givebacks.com Amazon RSA 2048 M02	`2023-12-10` - `2025-01-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-26` - `2024-01-24`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nmpta-12631070.memberhub.com/
Frame ID: 4F1DD4935FD004D69D840F2E9CECCD5F
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Givebacks

Page URL History Show full URLs

http://nmpta-12631070.memberhub.com/ HTTP 301
https://nmpta-12631070.memberhub.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

37
Requests

97 %
HTTPS

71 %
IPv6

19
Domains

21
Subdomains

20
IPs

3
Countries

7299 kB
Transfer

8787 kB
Size

9
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Finstagram.com%2Fjksiapta%3Figshid%3DOGQ5ZDc2ODk2ZA%253D%253D%26utm_source%3Dqr&data=05%7C01%7Cgilvaldez%40bernco.gov%7Cb5de7acefc5c4894904408dbebd749bb%7C2017becccef8453fae3c04934fc97714%7C0%7C0%7C638363082142215658%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=rqbY1YRHcQbsBj%2Fb51k9LjvaN4p6%2FOxmYtbFfc%2FVe3I%3D&reserved=0
Title: https://instagram.com/jksiapta?igshid=OGQ5ZDc2ODk2ZA%3D%3D&utm_source=qr

Search URL Search Domain Scan URL

URL: https://www.givebacks.com/story
Title: About

Search URL Search Domain Scan URL

URL: https://support.givebacks.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://www.givebacks.com/terms
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nmpta-12631070.memberhub.com/ HTTP 301
https://nmpta-12631070.memberhub.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNWwwUkE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--f63e220d0166f63a80204d0cc6032f47e0c24fcb/IMG_8268.jpg HTTP 302
https://s3.amazonaws.com/com.memberhub.storage/z4o2yebtg4c93uv2tky0ac5b7jdq?response-content-disposition=inline%3B%20filename%3D%22IMG_8268.jpg%22%3B%20filename%2A%3DUTF-8%27%27IMG_8268.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240117%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240117T031741Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=1119d026dd5298ad2c249f3aa4db55a94cf4c771d5817df99b8a93e301679f56

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nmpta-12631070.memberhub.com/
Redirect Chain

http://nmpta-12631070.memberhub.com/
https://nmpta-12631070.memberhub.com/

3 KB
4 KB

74ms
24ms

Document
text/html

18.66.192.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nmpta-12631070.memberhub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-96.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afbb224fc69d30fdc41beb1519c9a1d8d8a4db96d18444246eb21f5616bb3417

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19934
content-length: 3549
content-type: text/html
date: Tue, 16 Jan 2024 21:45:26 GMT
etag: "3870dc98a12da52c26de9648820ce4cf"
last-modified: Tue, 16 Jan 2024 21:41:42 GMT
server: AmazonS3
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-id: PWdQ8i_GFrbhfXGJ1B_LE6NG0NAiLSOAgWRAqI1EUMlOJVkJmajZgg==
x-amz-cf-pop: MUC50-P1
x-cache: Hit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Wed, 17 Jan 2024 03:17:39 GMT
Location: https://nmpta-12631070.memberhub.com/
Server: CloudFront
Via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
X-Amz-Cf-Id: RIOJ_YZy1gCOb9ymJSztlTmM5UwLI-phD7Ur2pQExQdO39WYMgX6fA==
X-Amz-Cf-Pop: MUC50-P1
X-Cache: Redirect from cloudfront

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
29 KB 182ms
84ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38d554196ee09f8dc026017e860188910c5c34c9919c22b72a8476efc5d06a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29426
x-xss-protection: 0
server: cafe
etag: 105 / 19739 / 31080414 / config-hash: 6931021207574245193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 03:17:39 GMT

GET
H2 200 21159.js Show response
js.hs-scripts.com/ 2 KB
1 KB 232ms
135ms Script
application/javascript 2606:4700::6810:bc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/21159.js

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bc59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57bde23b607543f31174a2298d343d7bfe3bc112070c4c85950e206d7f910647

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8e314db4-d886-4305-9fd4-b52e94431273
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8e314db4-d886-4305-9fd4-b52e94431273
last-modified: Wed, 17 Jan 2024 02:13:53 GMT
server: cloudflare
x-trace: 2B825086A6D998C1C08892F6A76A5A4AD0CBC7BC9F000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://nmpta-12631070.memberhub.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-vxx9b
cf-ray: 846b7249c9b891f0-FRA
expires: Wed, 17 Jan 2024 03:19:09 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 206 KB
80 KB 99ms
45ms Script
application/javascript 2a00:1450:400c:c0c::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cab58de2f34dbfe5763a4ede1c26cc3d09ce91f72fa7f352239cbd49ea17cc5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-gPoqbWtkDyEr6w3HEw0SDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-gPoqbWtkDyEr6w3HEw0SDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 17 Jan 2024 03:17:39 GMT

GET
H2 200 index-I4JummIX.js Show response
nmpta-12631070.memberhub.com/assets/ 5 MB
5 MB 28ms
27ms Script
text/javascript 18.66.192.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nmpta-12631070.memberhub.com/assets/index-I4JummIX.js
Requested by: Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-96.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34d268596d3aeac02b79bbfebb46ba203b7ccbf9e66c567bd07c0de383633820

Request headers

Referer: https://nmpta-12631070.memberhub.com/
Origin: https://nmpta-12631070.memberhub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:42:29 GMT
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:41:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 20111
etag: "2b7f46cfb94a86e1b454991392096dce"
x-cache: Hit from cloudfront
content-type: text/javascript
content-length: 5051686
x-amz-cf-id: o6wsvXybH3N4l_KNab-4rTQq4Bax0H4LWTyj--xF0ODYQQe0yme0Vg==

GET
H2 200 index-dKwO-POV.css
nmpta-12631070.memberhub.com/assets/ 372 KB
373 KB 27ms
27ms Stylesheet
text/css 18.66.192.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nmpta-12631070.memberhub.com/assets/index-dKwO-POV.css
Requested by: Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-96.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db02459ffa4d4ec23734f3f2d58338203ecac8e0a6db619acbf5b366282a064b

Request headers

Referer: https://nmpta-12631070.memberhub.com/
Origin: https://nmpta-12631070.memberhub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:42:29 GMT
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:41:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 20111
etag: "0a8f582aeda9abbdfd1894eef894617d"
x-cache: Hit from cloudfront
content-type: text/css
content-length: 381229
x-amz-cf-id: Nykxv_q32Sb36-f9l3NeH5333ghw0qm777HBpbFPIIJCDAdu13JP8g==

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/26b58fbf-191b-41e2-590e-ae8b65766fe2/ 461 KB
151 KB 79ms
24ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/26b58fbf-191b-41e2-590e-ae8b65766fe2/pendo.js

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

9f9556d46052cd5d14d865175e764f14c37067820b3dcab804362bb566ab05ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:46:51 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
age: 1848
x-guploader-uploadid: ABPtcPqf7gYf3vOSWbjROf6Oi6aKv5FlO584tkpcOVlTIMzpag5LLJ_zjc7umYGQCiCCx_MSLrstyXOrD8DTdi4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153931
last-modified: Tue, 16 Jan 2024 16:12:33 GMT
server: UploadServer
etag: "2491e8ec9b3043cfe67a2ccec9babd2e"
vary: Accept-Encoding
x-goog-generation: 1705421553428694
x-goog-hash: crc32c=P+6mIA==, md5=JJHo7JswQ8/meizOybq9Lg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=450
x-goog-stored-content-length: 153931
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 182 KB
65 KB 77ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05b85e757b7af88970a91f027b9a7c5bfb4d076a2d2458a0741d56abfdf3dc95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66315
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jan 2024 03:17:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
950 B 75ms
31ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/assets/index-dKwO-POV.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46f8cce0826f2b934c7ef9af81e9667f64a36dca24ff6782e09b298e79480cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 03:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 03:02:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 03:17:39 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/ 438 KB
138 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080414

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:23:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3220
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140824
x-xss-protection: 0
server: cafe
etag: 1760809391848743662
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:23:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
88 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3387b8e4dfddfa67c61fe1535622cffc5b942fa7054fd3c2cd4c7b5b44a4ee96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90441
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Jan 2024 03:17:39 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 73ms
27ms Script
application/javascript 2606:4700::6811:e3a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e3a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9092cb4fb3eafe925fa67a4dc6b62b7c769cbcb9a1420ecaf4b5d80edeae726

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:39 GMT
x-amz-version-id: 5iFzgPv7W58VCAVxkHMx4QTA.7HcSoUh
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 272
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.510/bundles/pixels-release.js&cfRay=846b6ba3ab3c9b9a-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: b3ea1f9d-767e-4304-a8da-1b3e83ce4a91
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b3ea1f9d-767e-4304-a8da-1b3e83ce4a91
last-modified: Mon, 08 Jan 2024 15:41:50 UTC
server: cloudflare
etag: W/"ef358d7718df65ca620b75c779a3c331"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-hrlw2
cf-ray: 846b724aff0e911e-FRA
x-amz-cf-id: -s9olfRSd_pjircabQsY8B7Cm_6vdPLcL_xdjoAMQfBD7ZeFtJ-kww==
x-hs-target-asset: adsscriptloaderstatic/static-1.510/bundles/pixels-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 84 KB
24 KB 74ms
25ms Script
application/javascript 2606:4700::6811:faa8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:faa8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f09e95e50ae9c0181382558ff935903a7b273b4a8e5006788e85ae1c72c7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:39 GMT
x-amz-version-id: KYDl9V0le_8eNyhqu8y2yzPaUoKjKmsM
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 548
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.15030/bundles/project.js&cfRay=846b64e71935bbd9-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 146120ea-4a68-4006-8194-509a11cd0679
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 146120ea-4a68-4006-8194-509a11cd0679
last-modified: Wed, 20 Dec 2023 17:16:05 UTC
server: cloudflare
etag: W/"64e2daa01b1349fee44794df69e776a8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-b4w97
cf-ray: 846b724afa7e904f-FRA
x-amz-cf-id: jfXCN9ahP3FAz5OTWvUMW1ZXs5cdpHZIRslAUpxhAQCt3OzlnKRLEw==
x-hs-target-asset: conversations-embed/static-1.15030/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/21159/ 66 KB
21 KB 175ms
128ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/21159/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f7829709705d20ba51805d45a53c577d47d4284e6546b332ac6df522dd5185f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:39 GMT
x-amz-version-id: LMeZkO7btYlQGYZH1DqPLiBMRjRwTZsn
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: PXWYK0B6A717BTJD
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 99785dcd-1e51-45dd-8d1a-dd7af370e404
x-envoy-upstream-service-time: 17
x-amz-id-2: gO+XNqMGk9v3jj85eZ6bH72Z/L3TLv0vZIbDdeYDltOFP/jzal2WKfWSQMkSkmAL4Nw/36c9XUU=
x-evy-trace-listener: listener_https
x-request-id: 99785dcd-1e51-45dd-8d1a-dd7af370e404
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 11 Jan 2024 21:58:56 GMT
server: cloudflare
etag: W/"0861e96415cc5bf829422c4aef70e103"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://oecpta.memberhub.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-xjg99
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 846b724afeaa364e-FRA
expires: Wed, 17 Jan 2024 03:22:39 GMT

GET
H2 200 21159.js Show response
js.hs-analytics.net/analytics/1705461300000/ 66 KB
21 KB 193ms
152ms Script
text/javascript 2606:4700::6810:4dba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1705461300000/21159.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4dba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26dfeb66db76626ce2f51e47ca87b808859c9ad9e32aa911ca4aef488d2fcbb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:39 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 623SRK42J5BV6CCA
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 8525e720-708a-4cc9-b9bb-074b94eb87da
x-envoy-upstream-service-time: 29
x-amz-id-2: 1wCzsp0J8WGRLBMav3z4y2Z6XXbOelrFWKnYstL353m6tkJuqaqRkK89nt41yOUgmTxTX/VVrRw=
x-evy-trace-listener: listener_https
x-request-id: 8525e720-708a-4cc9-b9bb-074b94eb87da
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 03 Jan 2024 16:24:02 GMT
server: cloudflare
etag: W/"c7b154efecade6a09699e2c5e6f31bc7"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-xjg99
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 846b724aeccabb41-FRA
expires: Wed, 17 Jan 2024 03:22:39 GMT

GET
H2 200 loader-wG7r-77B.gif
nmpta-12631070.memberhub.com/assets/ 303 KB
303 KB 29ms
29ms Image
image/gif 18.66.192.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmpta-12631070.memberhub.com/assets/loader-wG7r-77B.gif
Requested by: Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-96.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4430576a3cac8666cdcb947a95edb304e563d33c52101344c9940877b0382942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:43:19 GMT
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:41:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 20061
etag: "a43a96ade23eac01f7bc8fb4a037e1ab"
x-cache: Hit from cloudfront
content-type: image/gif
content-length: 309891
x-amz-cf-id: CCx6O4-nmy5bR9-Kfj1IQKe75jPkRkaxR6DYThOh73njT2kIYk2Ucg==

GET
H2 200 Poppins-Regular-_30f2ovI.woff2
nmpta-12631070.memberhub.com/assets/ 48 KB
49 KB 30ms
30ms Font
font/woff2 18.66.192.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nmpta-12631070.memberhub.com/assets/Poppins-Regular-_30f2ovI.woff2
Requested by: Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-96.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2

Request headers

Referer: https://nmpta-12631070.memberhub.com/
Origin: https://nmpta-12631070.memberhub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:43:20 GMT
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:41:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 20061
etag: "46ff920efe7721f9087376e8131619e8"
x-cache: Hit from cloudfront
content-type: font/woff2
content-length: 49652
x-amz-cf-id: NmF3dpFP65564HIupCeKdrirNJsYd9rtaRT9S1WcmcvQ3CX_3eA9Lg==

GET
H2 200 nmpta-12631070 Show response
api.givebacks.com/services/core/causes/ 2 KB
2 KB 408ms
146ms XHR
application/json 52.21.61.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.givebacks.com/services/core/causes/nmpta-12631070

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/assets/index-I4JummIX.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.61.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-61-62.compute-1.amazonaws.com

Software

Resource Hash

2a2d8025fc2fcf70dc1ae0b86502c48719e9e0785ecebbdd4db4dff6d9826272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://nmpta-12631070.memberhub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:40 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-request-id: e9a18f78-b2fb-4730-806b-33622581e2a2
x-runtime: 0.025262
referrer-policy: strict-origin-when-cross-origin
etag: W/"2a2d8025fc2fcf70dc1ae0b86502c487"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 webpages Show response
api.memberhub.com/services/memberhub-service/ 58 B
572 B 402ms
138ms XHR
application/json 44.207.237.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages?live=true&organization_uuid=undefined

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/assets/index-I4JummIX.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.207.237.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-237-79.compute-1.amazonaws.com

Software

Resource Hash

0c5b8dc8aff19cf814eb665f881709fffe02ab0128e0d33e731e87abbd51961a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://nmpta-12631070.memberhub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rack-cors: hit
date: Wed, 17 Jan 2024 03:17:40 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 98e6a261-5f2c-431c-bf10-893fca6881ea
x-runtime: 0.011499
referrer-policy: strict-origin-when-cross-origin
etag: W/"0c5b8dc8aff19cf814eb665f881709ff"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 82ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LZN7J64ECH&gtm=45je41a0v892291399z89115494238&_p=1705461459483&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=611275099.1705461460&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705461460&sct=1&seg=0&dl=https%3A%2F%2Fnmpta-12631070.memberhub.com%2F&dt=Givebacks&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1056
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 03:17:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nmpta-12631070.memberhub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 122 B
1 KB 195ms
142ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21159

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5f93a695648c7ca2f750038906a47d0be4bb3125a259ddf9e0c8c0d2489613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 00737fa6-d151-42a8-9d81-2510ea7b0930
content-encoding: br
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 00737fa6-d151-42a8-9d81-2510ea7b0930
server: cloudflare
x-trace: 2B2601A2321B88DEF36B720F44D36B9E76C8905A30000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://nmpta-12631070.memberhub.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-rzbnl
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6kEp3KDawFpmu6l8X6%2FmZ6VX4O8wx%2B5NmrR2sYBUDyIHOmxKlMxThL1O4jTuYUNTGe70HzBW0Pe0sNMjgB4%2BDtJbs4cdxmKYo%2BuPUnPVsm4BXjbvYLzTtVJk%2FnJ7MUCvYE9W7OdlRaRzMgA"}],"group":"cf-nel","max_age":604800}
cf-ray: 846b724f494c922f-FRA
access-control-allow-headers: *

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ 0
0 205ms
146ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=21159&conversations-embed=static-1.15030&mobile=false&messagesUtk=9909d97560f94aacae00b23c998d905e&traceId=9909d97560f94aacae00b23c998d905e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://nmpta-12631070.memberhub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://nmpta-12631070.memberhub.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 846b724f5fa76983-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 17 Jan 2024 03:17:40 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsQB%2Fpsbcdni%2F2pNSk0RzIxtS%2BcmbEzqoL6lIwiQI%2Fmnesv9%2FB6dcbZZi8Zu47dq5fSssGxzm3B79MPWTauGrhmIJOeduCzF9gyiQTIF3xb0ZnGGWTTChUWnDSBdOhLRzr%2B4Hv5b3saTkebtow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-xbjfw
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 954f3171-d342-4299-830c-497b7111b67f
x-request-id: 954f3171-d342-4299-830c-497b7111b67f
x-trace: 2BD013E796F26B40D68D11AEEBCCADCBB272A56727000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 269 B
1 KB 142ms
142ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1fadcd712df78ed4897f361c508e3592c61a5f8c286c117a6a44f43cd06596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nmpta-12631070.memberhub.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: fbbfafef-2c01-4659-959c-81c2751793d0
x-envoy-upstream-service-time: 10
content-length: 217
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fbbfafef-2c01-4659-959c-81c2751793d0
server: cloudflare
x-trace: 2B7D6ADF29D794D48CC3B5DCF82807B297B13885DA000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://nmpta-12631070.memberhub.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-b7pbk
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YREnEJFRqvp0%2FDUww0DM7qzReqxvEmrMjWsBJ46%2F1MypmKZFKczlDrA8G31LC2W%2FTf%2Bp12LYo1dXwI9J3FwX8DtFCGpczOwgeoYWgOMg69k8tFw3B6Z0Zugp97g1pkbhgD1FdcglDalYyJ6IaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 846b725048516983-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 204ms
146ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3725600676&v=1.1&a=21159&pu=https%3A%2F%2Fnmpta-12631070.memberhub.com%2F&t=Givebacks&cts=1705461460325&vi=47e2d1783b077a650cc1a7cfd5c85703&nc=true&u=131836368.47e2d1783b077a650cc1a7cfd5c85703.1705461460324.1705461460324.1705461460324.1&b=131836368.1.1705461460324&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 03:17:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 586a747f-b123-452a-b140-d1068cd7db2c
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 586a747f-b123-452a-b140-d1068cd7db2c
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lvrhBNk1r5En%2BG5ahL11g1UXgEU8EhuP98MKwKsZwN4KFnD773T0zA9KS1ddbaP6g7Thq8I%2Bqu9a5bfZE6F6fs8KAw9iCdANX1C%2BdvKsN0LVmLLO%2BAvz9kxzlJW6okQf1rhXl%2F7k%2FB%2BZIRyASwg"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-865d96945d-cg6mt
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 846b724f7bdd39e0-FRA
x-robots-tag: none

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 67ms
21ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 Jan 2024 03:17:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: +a1Zpd+xdiKng8K1pkx9CbkZDVfPWpk02pRBZPn7kHJnpHm3Zqodsj7xoxKTn/DfGf3AH/94olo69ocGhFIOwg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 495956447226186 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 136ms
135ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/495956447226186?v=2.9.140&r=stable&domain=nmpta-12631070.memberhub.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67bf4661b868cae514c8d3b6ae106d1f723c924c34f9294a934641a220b153dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 Jan 2024 03:17:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 6imsghV7wFYbKOOQuxVRIzo9r1PazZQ1YDlUCktEBAggLoeYbk2pSM2Y0U5sAylgvjUvT/s5ftJg9GyyYj0Hrw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a8030a4f-3922-41c3-a221-8d1f7429e47e Show response
api.memberhub.com/services/memberhub-service/organizations/ 6 KB
7 KB 177ms
176ms XHR
application/json 44.207.237.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/organizations/a8030a4f-3922-41c3-a221-8d1f7429e47e

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/assets/index-I4JummIX.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.207.237.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-237-79.compute-1.amazonaws.com

Software

Resource Hash

721475ede8c08e968b833a0d38811038e8ad5ae2f4840a53e962ba9eddbfd949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://nmpta-12631070.memberhub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rack-cors: hit
date: Wed, 17 Jan 2024 03:17:40 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ea4dd790-e8b8-4995-9101-923b11b9e6f5
x-runtime: 0.049905
referrer-policy: strict-origin-when-cross-origin
etag: W/"721475ede8c08e968b833a0d38811038"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H/1.1

200
OK

z4o2yebtg4c93uv2tky0ac5b7jdq
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNWwwUkE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--f63e220d0166f63a80204d0cc6032f47e0c24fcb/IMG_...
https://s3.amazonaws.com/com.memberhub.storage/z4o2yebtg4c93uv2tky0ac5b7jdq?response-content-disposition=inline%3B%20filename%3D%22IMG_8268.jpg%22%3B%20filename%2A%3DUTF-8%27%27IMG_8268.jpg&respons...

130 KB
130 KB

442ms
237ms

Image
image/jpeg

52.217.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.memberhub.storage/z4o2yebtg4c93uv2tky0ac5b7jdq?response-content-disposition=inline%3B%20filename%3D%22IMG_8268.jpg%22%3B%20filename%2A%3DUTF-8%27%27IMG_8268.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240117%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240117T031741Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=1119d026dd5298ad2c249f3aa4db55a94cf4c771d5817df99b8a93e301679f56
Protocol: HTTP/1.1
Server: 52.217.4.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0ff95c6603f748ec5749858cf5e39fc507f92388a2959d6577ea7d4f85f8933c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 03:17:42 GMT
Last-Modified: Wed, 01 Nov 2023 16:25:57 GMT
Server: AmazonS3
x-amz-request-id: WXAJMK5DMKZW6QMZ
ETag: "844643a182638404dbedd33333ed653a"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Content-Disposition: inline; filename="IMG_8268.jpg"; filename*=UTF-8''IMG_8268.jpg
Accept-Ranges: bytes
Content-Length: 132911
x-amz-id-2: QYtTP56BGCJ9j9xsgYffZOc9G1KUApG6Nbdq6DYoxbexDxdzbNjCfJGzU9UVXCVdxLEP9QDZZc4=

Redirect headers

x-rack-cors: miss; no-origin
x-runtime: 0.007170
date: Wed, 17 Jan 2024 03:17:41 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/html; charset=utf-8
location: https://s3.amazonaws.com/com.memberhub.storage/z4o2yebtg4c93uv2tky0ac5b7jdq?response-content-disposition=inline%3B%20filename%3D%22IMG_8268.jpg%22%3B%20filename%2A%3DUTF-8%27%27IMG_8268.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240117%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240117T031741Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=1119d026dd5298ad2c249f3aa4db55a94cf4c771d5817df99b8a93e301679f56
cache-control: max-age=300, private
x-xss-protection: 1; mode=block
x-request-id: cdbfa131-f7a6-453f-a989-fc8f1fed38ce

GET
H2 200 webpages Show response
api.memberhub.com/services/memberhub-service/ 15 KB
16 KB 165ms
165ms XHR
application/json 44.207.237.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages?live=true&organization_uuid=a8030a4f-3922-41c3-a221-8d1f7429e47e

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/assets/index-I4JummIX.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.207.237.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-237-79.compute-1.amazonaws.com

Software

Resource Hash

3ca95ec009b543130f993116884ea00e4a8257eed64de4ca341257f06e3845a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://nmpta-12631070.memberhub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rack-cors: hit
date: Wed, 17 Jan 2024 03:17:40 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e3bdb0e4-5f86-42a9-bd2e-07d15d159d32
x-runtime: 0.038034
referrer-policy: strict-origin-when-cross-origin
etag: W/"3ca95ec009b543130f993116884ea00e"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 path Show response
api.memberhub.com/services/memberhub-service/webpages/ 4 KB
4 KB 285ms
285ms XHR
application/json 44.207.237.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages/path?organization_uuid=a8030a4f-3922-41c3-a221-8d1f7429e47e&path=/&live=true

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/assets/index-I4JummIX.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.207.237.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-237-79.compute-1.amazonaws.com

Software

Resource Hash

30f425cc7cf8cd9f850588c8f291b34d0bd17535d6f3d8caa7e4dfceb36ab77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://nmpta-12631070.memberhub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rack-cors: hit
date: Wed, 17 Jan 2024 03:17:41 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 66601b29-f0c9-48f1-89f8-5c14cd5150a6
x-runtime: 0.063530
referrer-policy: strict-origin-when-cross-origin
etag: W/"30f425cc7cf8cd9f850588c8f291b34d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 66ms
20ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fnmpta-12631070.memberhub.com%2F&rl=&if=false&ts=1705461460980&sw=1600&sh=1200&ud[external_id]=47e2d1783b077a650cc1a7cfd5c85703&v=2.9.140&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1705461460782.1149256124&ler=empty&it=1705461460626&coo=false&cdl=&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 17 Jan 2024 03:17:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 store_items Show response
api.memberhub.com/services/memberhub-service/ 1 KB
2 KB 208ms
208ms Fetch
application/json 44.207.237.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/store_items?organization_uuid=a8030a4f-3922-41c3-a221-8d1f7429e47e&featured=true

Requested by

Host: nmpta-12631070.memberhub.com
URL: https://nmpta-12631070.memberhub.com/assets/index-I4JummIX.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.207.237.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-237-79.compute-1.amazonaws.com

Software

Resource Hash

da6af4c8a4d339aadd434fe5b97ca6629b2d5de093f670f7d35cfa440abae60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nmpta-12631070.memberhub.com/
Authentication-Session-Secret: undefined
accept-language: de-DE,de;q=0.9
Authentication-Session-Token: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rack-cors: hit
date: Wed, 17 Jan 2024 03:17:41 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 2530d482-56e7-4dde-a9bd-1fa4eab1e411
x-runtime: 0.085478
referrer-policy: strict-origin-when-cross-origin
etag: W/"da6af4c8a4d339aadd434fe5b97ca662"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Accept, Origin

GET
H/1.1 200
OK stock5.jpg
s3.amazonaws.com/com.memberhub.public/stock_images/ 694 KB
694 KB 378ms
168ms Image
image/jpeg 52.217.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.memberhub.public/stock_images/stock5.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.4.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 77191fe0b16fb1f27c26328e7e3b416f452fc54930942b68c692225c2ffc63f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 03:17:42 GMT
Last-Modified: Fri, 21 Aug 2020 15:15:36 GMT
Server: AmazonS3
x-amz-request-id: WXAGM5GBT69W0HHK
ETag: "9058c0ff55019d39438308e349e1b427"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 710528
x-amz-id-2: rrJjnYQsPsYgBGenosCQ8/ZSxaI10XoE3TQA+sDr+E9djvlHfLsudMn/b+x0k2/2ub619e4FdZg=

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 95ms
18ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nmpta-12631070.memberhub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:44:17 GMT
x-content-type-options: nosniff
age: 110004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:44:17 GMT

GET
H2 200 Poppins-Medium-DIn7zstv.woff2
nmpta-12631070.memberhub.com/assets/ 48 KB
48 KB 24ms
24ms Font
font/woff2 18.66.192.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nmpta-12631070.memberhub.com/assets/Poppins-Medium-DIn7zstv.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-96.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83

Request headers

Referer: https://nmpta-12631070.memberhub.com/
Origin: https://nmpta-12631070.memberhub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:43:23 GMT
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:41:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 20059
etag: "3a0a14dc7381ee5200cadbe0af4ee7de"
x-cache: Hit from cloudfront
content-type: font/woff2
content-length: 48956
x-amz-cf-id: wT4azp4c1AGsdg8OmRA1QxSBLFIy57NtfE2OKGyK_blLWGAoTZC2xw==

OPTIONS
H2 200 store_items
api.memberhub.com/services/memberhub-service/ 0
0 122ms
122ms Preflight 44.207.237.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.memberhub.com/services/memberhub-service/store_items?organization_uuid=a8030a4f-3922-41c3-a221-8d1f7429e47e&featured=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.237.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-237-79.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authentication-session-secret,authentication-session-token
Access-Control-Request-Method: GET
Origin: https://nmpta-12631070.memberhub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: authentication-session-secret,authentication-session-token
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
date: Wed, 17 Jan 2024 03:17:41 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 26ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LZN7J64ECH&gtm=45je41a0v892291399&_p=1705461459483&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=611275099.1705461460&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705461460&sct=1&seg=0&dl=https%3A%2F%2Fnmpta-12631070.memberhub.com%2F&dt=Givebacks&en=scroll&epn.percent_scrolled=90&_et=19&tfd=6079
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nmpta-12631070.memberhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 03:17:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nmpta-12631070.memberhub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.memberhub.com/	1970-01-21 03:20:21	Name: _ga Value: GA1.1.611275099.1705461460
.memberhub.com/	1970-01-21 03:20:21	Name: _ga_LZN7J64ECH Value: GS1.1.1705461460.1.0.1705461460.0.0.0
.memberhub.com/	1970-01-20 22:03:33	Name: __hstc Value: 131836368.47e2d1783b077a650cc1a7cfd5c85703.1705461460324.1705461460324.1705461460324.1
.memberhub.com/	1970-01-20 22:03:33	Name: hubspotutk Value: 47e2d1783b077a650cc1a7cfd5c85703
.memberhub.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.memberhub.com/	1970-01-20 17:44:23	Name: __hssc Value: 131836368.1.1705461460324
.hubspot.com/	1970-01-20 17:44:23	Name: __cf_bm Value: 2VQtmnODEq6PgmIKNHBDpoJhGKhJL99G0KfO9jwlX1Q-1705461460-1-AWQdALQTMYTJ7bstQqiQIyC8GMcycnzicrR+QFp5uwqoS9chzrOeNuW1hSwF6KBNCI2j1nM70y8rKwh8v5ZtKhM=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: q3Pl_B0JFu3Ibjun5hb0pBwW9gEXjBeZYT2V_Bp.vgM-1705461460521-0-604800000
.memberhub.com/	1970-01-20 19:53:57	Name: _fbp Value: fb.1.1705461460782.1149256124

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.givebacks.com
api.hubapi.com
api.hubspot.com
api.memberhub.com
cdn.pendo.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
nmpta-12631070.memberhub.com
region1.google-analytics.com
s3.amazonaws.com
securepubads.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.googletagmanager.com
18.66.192.75
18.66.192.96
2001:4860:4802:32::36
2606:4700:4400::6812:22e5
2606:4700::6810:4dba
2606:4700::6810:bc59
2606:4700::6811:cacc
2606:4700::6811:e3a3
2606:4700::6811:faa8
2606:4700::6813:9a53
2a00:1450:4001:808::2003
2a00:1450:4001:811::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c0c::54
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.36.213.229
44.207.237.79
52.21.61.62
52.217.4.22
05b85e757b7af88970a91f027b9a7c5bfb4d076a2d2458a0741d56abfdf3dc95
078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2
08f09e95e50ae9c0181382558ff935903a7b273b4a8e5006788e85ae1c72c7c6
0c5b8dc8aff19cf814eb665f881709fffe02ab0128e0d33e731e87abbd51961a
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0ff95c6603f748ec5749858cf5e39fc507f92388a2959d6577ea7d4f85f8933c
26dfeb66db76626ce2f51e47ca87b808859c9ad9e32aa911ca4aef488d2fcbb9
2a2d8025fc2fcf70dc1ae0b86502c48719e9e0785ecebbdd4db4dff6d9826272
2c5f93a695648c7ca2f750038906a47d0be4bb3125a259ddf9e0c8c0d2489613
30f425cc7cf8cd9f850588c8f291b34d0bd17535d6f3d8caa7e4dfceb36ab77d
3387b8e4dfddfa67c61fe1535622cffc5b942fa7054fd3c2cd4c7b5b44a4ee96
34d268596d3aeac02b79bbfebb46ba203b7ccbf9e66c567bd07c0de383633820
38d554196ee09f8dc026017e860188910c5c34c9919c22b72a8476efc5d06a9f
3ca95ec009b543130f993116884ea00e4a8257eed64de4ca341257f06e3845a6
4430576a3cac8666cdcb947a95edb304e563d33c52101344c9940877b0382942
46f8cce0826f2b934c7ef9af81e9667f64a36dca24ff6782e09b298e79480cbc
57bde23b607543f31174a2298d343d7bfe3bc112070c4c85950e206d7f910647
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
67bf4661b868cae514c8d3b6ae106d1f723c924c34f9294a934641a220b153dc
6cab58de2f34dbfe5763a4ede1c26cc3d09ce91f72fa7f352239cbd49ea17cc5
721475ede8c08e968b833a0d38811038e8ad5ae2f4840a53e962ba9eddbfd949
72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83
77191fe0b16fb1f27c26328e7e3b416f452fc54930942b68c692225c2ffc63f2
8f7829709705d20ba51805d45a53c577d47d4284e6546b332ac6df522dd5185f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9f9556d46052cd5d14d865175e764f14c37067820b3dcab804362bb566ab05ec
afbb224fc69d30fdc41beb1519c9a1d8d8a4db96d18444246eb21f5616bb3417
d9092cb4fb3eafe925fa67a4dc6b62b7c769cbcb9a1420ecaf4b5d80edeae726
da6af4c8a4d339aadd434fe5b97ca6629b2d5de093f670f7d35cfa440abae60c
db02459ffa4d4ec23734f3f2d58338203ecac8e0a6db619acbf5b366282a064b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1fadcd712df78ed4897f361c508e3592c61a5f8c286c117a6a44f43cd06596

nmpta-12631070.memberhub.com Open in urlscan Pro 18.66.192.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

71 %IPv6

19 Domains

21 Subdomains

20 IPs

3 Countries

7299 kBTransfer

8787 kBSize

9 Cookies

4 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nmpta-12631070.memberhub.com Open in urlscan Pro
18.66.192.96 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

71 %
IPv6

19
Domains

21
Subdomains

20
IPs

3
Countries

7299 kB
Transfer

8787 kB
Size

9
Cookies

37 HTTP transactions
0 data transactions